none
IE 11 is reporting an incorrect user agent string (after June 2016 patches) causing websites to display incorrectly RRS feed

  • Question

  • IE 11 (with the latest June 2016 patches) on Windows 7, Windows 10, and the latest Windows 10 Insider Build (14385) reports that it is IE 7, thus causing many websites to display incorrectly.

    As evidence, using the site, http://useragentstring.com/, IE 11 is sending the following string:  "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.3)".   This suggests that IE11 is telling websites that it is Internet Explorer 7.0. 

    I reported this on July 1st (http://answers.microsoft.com/en-us/windows/forum/windows_10-networking/when-using-ie-11420105860-google-calendar-says/df201160-6c34-4899-91b7-11f188e4b7a2?auth=1) and it doesn't appear to have been taken seriously!

    Our IT folks are asking us to abandon IE and switch to Chrome.  Please

    • Make a hotfix available prior to the next Patch Tuesday;
    • Make sure this is fixed before the Windows 10 Anniversary Build is completed this month;
    • Make sure that a fix is included in the July Patch Tuesday.

    PLEASE TAKE THIS BUG REPORT SERIOUSLY!


    • Edited by gmj2 Tuesday, July 12, 2016 4:07 PM
    Tuesday, July 12, 2016 3:48 PM

Answers

  • It turns out that the issues are related to efforts by our security team to mitigate the impact of the recently-discovered WPAD (Web Proxy Auto-Discovery) protocol bug that puts Windows users at risk.

    US-CERT has issued a public alert (https://www.us-cert.gov/ncas/alerts/TA16-144A, 5-23-16) after researchers from the University of Michigan and Verisign Labs discovered a method of leveraging the WPAD protocol to launch MitM (Man in the Middle) attacks against corporate networks (http://www.verisign.com/assets/labs/MitM-Attack-by-Name-Collision-Cause-Analysis-and-WPAD-Vulnerability-Assessment-in-the-New-gTLD-Era.pdf).

    After the security team reconfigured our proxy servers, Windows defined many internal/external sites as included in our local intranet zone ... hence the problems/issues raised in this post.

    The quick-fix work-around is to uncheck all the boxes in the IE11 "local intranet" (see below) and used the "Advanced" feature to manually add in any web sites that need to be viewed in compatibility mode:

    Microsoft has issued a security update for WPAD (https://technet.microsoft.com/en-us/library/security/ms16-077.aspx, see also the FAQ section for other issues to address).  I've asked our IT team whether this updates addresses the issues they were trying to address with the proxy server configuration changes ... does anyone have anything to share about how they've addressed this issue?  Your best practices advice would be most appreciated.

    Friday, July 22, 2016 5:39 PM

All replies

  • Hi gm,

    Tools>Compatibility View Settings>

    Remove any websites from the list there. (I expect that you have placed a number of sites in there)

    Check "Include updated website lists from Micorosoft"

    Our IT folks are asking us to abandon IE and switch to Chrome. 

    Your IT folks should now the settings of the browsers they support or how to diagnose and correct issues..

    Regards.

    Questions regarding Internet Explorer 8, 9 and 10 and Internet Explorer 11 for the IT Pro Audience. Topics covered are: Installation, Deployment, Configuration, Security, Group Policy, Management questions. If you are a consumer looking for answers or to raise a question, it's highly recommended you head on over to http://answers.microsoft.com/en-u


    Rob^_^

    Wednesday, July 13, 2016 4:12 AM
  • Hi gmj2,

    By default, Internet Explorer 11 on Windows 8.1 sends the following User-Agent string:

    Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

    This string is deliberately designed to cause most UA-string sniffing logic to interpret it either Gecko or WebKit. This design choice was a careful one—the IE team tested many UA string variants to find out which would cause the majority of sites to “just work” for IE11 users.

    If the user chooses to render a site in Compatibility View (click Tools > Compatibility View Settings) then IE will send a User-Agent string that mimics Internet Explorer 7’s UA string: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)

    By default, sites in the Intranet Zone render in Compatibility view, so this is the User-Agent string they’ll see.

    Please refer to the link below to get more information about Compatibility View List

    https://blogs.msdn.microsoft.com/ieinternals/2013/09/21/internet-explorer-11s-many-user-agent-strings/

    Hope it will be helpful to you

    Please mark the reply as an answer if you find it is helpful.

    If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Wednesday, July 13, 2016 9:57 AM
    Moderator
  • There are not sites in the Compatibility View ... and I don't see any reason that http://useragentstring.com/ would be considered an intranet site.

    Thursday, July 14, 2016 5:27 PM
  • No ... see below:

    Thursday, July 14, 2016 5:29 PM
  • It turns out that the issues are related to efforts by our security team to mitigate the impact of the recently-discovered WPAD (Web Proxy Auto-Discovery) protocol bug that puts Windows users at risk.

    US-CERT has issued a public alert (https://www.us-cert.gov/ncas/alerts/TA16-144A, 5-23-16) after researchers from the University of Michigan and Verisign Labs discovered a method of leveraging the WPAD protocol to launch MitM (Man in the Middle) attacks against corporate networks (http://www.verisign.com/assets/labs/MitM-Attack-by-Name-Collision-Cause-Analysis-and-WPAD-Vulnerability-Assessment-in-the-New-gTLD-Era.pdf).

    After the security team reconfigured our proxy servers, Windows defined many internal/external sites as included in our local intranet zone ... hence the problems/issues raised in this post.

    The quick-fix work-around is to uncheck all the boxes in the IE11 "local intranet" (see below) and used the "Advanced" feature to manually add in any web sites that need to be viewed in compatibility mode:

    Microsoft has issued a security update for WPAD (https://technet.microsoft.com/en-us/library/security/ms16-077.aspx, see also the FAQ section for other issues to address).  I've asked our IT team whether this updates addresses the issues they were trying to address with the proxy server configuration changes ... does anyone have anything to share about how they've addressed this issue?  Your best practices advice would be most appreciated.

    Friday, July 22, 2016 5:39 PM
  • Hi gmj2,

    Glad to hear that you have found a solution and thank you for sharing it here, it will be helpful to other community members who have same questions.

    Best regards,

    Carl Fan


    Please mark the reply as an answer if you find it is helpful.

    If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Wednesday, July 27, 2016 9:38 AM
    Moderator
  • I have all those settings turned off, but I still get compatibility mode user agent being sent. I even made sure it wasn't being forced in Group Policy (via rsop.msc).

    I also have the meta tag with X-UA-Compatible set to IE=Edge.

    • Edited by retazzo4 Friday, September 9, 2016 6:52 PM
    Friday, September 9, 2016 6:43 PM
  • I could F***ING KISS YOU!!! I have been trying to solve this issue for 5 hours. I noticed that when enabling any proxy type, even if allowing *.* to the exceptions, that the UA changes.

    With proxy off we'd get Mozilla 5.0

    With it on, no matter what it was Mozilla 4.0

    You're a savior!!

    Tuesday, May 29, 2018 8:00 PM